From 30217f74a824ef7c18f520f61a1345a3eb9f867d Mon Sep 17 00:00:00 2001
From: Alex Palaistras <alex@deuill.org>
Date: Sat, 30 Dec 2023 18:41:11 +0000
Subject: [PATCH] gotosocial: Move to multi-stage container build

---
 service/gotosocial/Containerfile              | 23 ++++++++++++-------
 .../container/config/config.yaml.template     |  4 ++--
 service/gotosocial/container/run-gotosocial   | 13 +++++------
 3 files changed, 23 insertions(+), 17 deletions(-)

diff --git a/service/gotosocial/Containerfile b/service/gotosocial/Containerfile
index 69028cd..3a62609 100644
--- a/service/gotosocial/Containerfile
+++ b/service/gotosocial/Containerfile
@@ -1,16 +1,23 @@
-FROM docker.io/debian:bookworm-slim@sha256:f80c45482c8d147da87613cb6878a7238b8642bcc24fc11bad78c7bec726f340
-ARG VERSION=0.13.0 # renovate: datasource=github-releases depName=superseriousbusiness/gotosocial
+FROM docker.io/debian:bookworm-slim@sha256:f80c45482c8d147da87613cb6878a7238b8642bcc24fc11bad78c7bec726f340 AS builder
+RUN apt-get update -y && apt-get install -y --no-install-recommends \
+    ca-certificates curl
 
+ARG VERSION=0.13.0 # renovate: datasource=github-releases depName=superseriousbusiness/gotosocial extractVersion=^v(?<version>.*)$
 ENV PACKAGE_URL https://github.com/superseriousbusiness/gotosocial/releases/download/v${VERSION}/gotosocial_${VERSION}_linux_amd64.tar.gz
-RUN apt-get update -y && apt-get upgrade -y && apt-get install -y --no-install-recommends \
-    curl ca-certificates gettext gosu
 
-RUN mkdir -p /opt/gotosocial && curl -fsSL ${PACKAGE_URL} | tar -C /opt/gotosocial --no-same-owner -xvzf - && \
-    mv /opt/gotosocial/gotosocial /bin/gotosocial && chmod +x /bin/gotosocial
+WORKDIR /src
+RUN curl --fail --silent --show-error --location ${PACKAGE_URL} | tar --no-same-owner -xvzf - && \
+    install -D --mode 0755 /src/gotosocial /build/usr/bin/gotosocial && \
+    mkdir -p /build/usr/share/gotosocial && cp -R /src/web /build/usr/share/gotosocial/web
 
-RUN addgroup --system --gid 10000 gotosocial
-RUN adduser --system --uid 10000 --ingroup gotosocial --home /var/lib/gotosocial gotosocial
+FROM docker.io/debian:bookworm-slim@sha256:f80c45482c8d147da87613cb6878a7238b8642bcc24fc11bad78c7bec726f340
+RUN apt-get update -y && apt-get upgrade -y && \
+    apt-get install -y --no-install-recommends ca-certificates gettext gosu
 
+RUN apt-get update -y && apt-get install -y --no-install-recommends curl
+RUN adduser --system --group --uid 10000 --home /var/lib/gotosocial gotosocial
+
+COPY --from=builder /build /
 COPY container/config /etc/gotosocial
 COPY container/run-gotosocial /run-gotosocial
 
diff --git a/service/gotosocial/container/config/config.yaml.template b/service/gotosocial/container/config/config.yaml.template
index f4e403b..a577f31 100644
--- a/service/gotosocial/container/config/config.yaml.template
+++ b/service/gotosocial/container/config/config.yaml.template
@@ -49,10 +49,10 @@ db-address: "/var/lib/gotosocial/gotosocial.db"
 ######################
 
 # Directory from which gotosocial will attempt to load html templates (.tmpl files).
-web-template-base-dir: "/opt/gotosocial/web/template/"
+web-template-base-dir: "/usr/share/gotosocial/web/template/"
 
 # Directory from which gotosocial will attempt to serve static web assets (images, scripts).
-web-asset-base-dir: "/opt/gotosocial/web/assets/"
+web-asset-base-dir: "/usr/share/gotosocial/web/assets/"
 
 ###########################
 ##### ACCOUNTS CONFIG #####
diff --git a/service/gotosocial/container/run-gotosocial b/service/gotosocial/container/run-gotosocial
index a82f263..a1d4c75 100755
--- a/service/gotosocial/container/run-gotosocial
+++ b/service/gotosocial/container/run-gotosocial
@@ -6,22 +6,21 @@ set -eu
 envsubst < /etc/gotosocial/config.yaml.template > /etc/gotosocial/config.yaml
 
 # Create data directories and correct permissions for data files.
-install --owner gotosocial --group gotosocial --mode 700 --directory /var/lib/gotosocial
 chown -R gotosocial:gotosocial /var/lib/gotosocial
 
 # Initialize default condiguration if needed.
 if ! test -f /var/lib/gotosocial/gotosocial.db; then
     (
         password="$(dd if=/dev/urandom | tr -dc '[:alnum:]' | head -c 50)"
-        gosu gotosocial /bin/gotosocial --config-path /etc/gotosocial/config.yaml admin account create \
-                                        --username "$GOTOSOCIAL_DEFAULT_USERNAME" --password "$password" \
-                                        --email "${GOTOSOCIAL_DEFAULT_USERNAME}@${GOTOSOCIAL_ACCOUNT_DOMAIN}"
-        gosu gotosocial /bin/gotosocial --config-path /etc/gotosocial/config.yaml admin account promote \
-                                        --username "$GOTOSOCIAL_DEFAULT_USERNAME"
+        gosu gotosocial /usr/bin/gotosocial --config-path /etc/gotosocial/config.yaml admin account create \
+                                            --username "$GOTOSOCIAL_DEFAULT_USERNAME" --password "$password" \
+                                            --email "${GOTOSOCIAL_DEFAULT_USERNAME}@${GOTOSOCIAL_ACCOUNT_DOMAIN}"
+        gosu gotosocial /usr/bin/gotosocial --config-path /etc/gotosocial/config.yaml admin account promote \
+                                            --username "$GOTOSOCIAL_DEFAULT_USERNAME"
         echo "Created an administrator user with username '$GOTOSOCIAL_DEFAULT_USERNAME' and password '$password'."
         echo "Make sure to change this immediately after logging in for the first time!"
     )
 fi
 
 # Run entrypoint under specific user.
-gosu gotosocial /bin/gotosocial --config-path /etc/gotosocial/config.yaml server start "$@"
+exec gosu gotosocial /usr/bin/gotosocial --config-path /etc/gotosocial/config.yaml server start "$@"